WHERE course_id = ?d", $course_id)->maxorder; $order = $orderMax + 1; // insert $id = Database::get()->query("INSERT INTO announcement SET content = ?s, title = ?s, `date` = " . DBHelper::timeAfter() . ", course_id = ?d, `order` = ?d, visible = 1, start_display = ?t, stop_display = ?t", $newContent, $antitle, $course_id, $order, $start_display, $stop_display)->lastInsertID; $log_type = LOG_INSERT; if (isset($_POST['tags'])) { $tagsArray = explode(',', $_POST['tags']); $moduleTag = new ModuleElement($id); $moduleTag->attachTags($tagsArray); } } Indexer::queueAsync(Indexer::REQUEST_STORE, Indexer::RESOURCE_ANNOUNCEMENT, $id); $txt_content = ellipsize_html(canonicalize_whitespace(strip_tags($_POST['newContent'])), 50, '+'); Log::record($course_id, MODULE_ID_ANNOUNCE, $log_type, array('id' => $id, 'email' => $send_mail, 'title' => $_POST['antitle'], 'content' => $txt_content)); // send email if ($send_mail) { $title = course_id_to_title($course_id); $recipients_emaillist = ""; if ($_POST['recipients'][0] == -1) { // all users $cu = Database::get()->queryArray("SELECT cu.user_id FROM course_user cu
/** * * @global type $langCourseUnitModified * @global type $langCourseUnitAdded * @global null $maxorder * @global type $course_id * @global type $course_code * @global type $webDir * @return type */ function handle_unit_info_edit() { global $langCourseUnitModified, $langCourseUnitAdded, $maxorder, $course_id, $course_code, $webDir; require_once 'modules/tags/moduleElement.class.php'; $title = $_REQUEST['unittitle']; $descr = $_REQUEST['unitdescr']; if (isset($_REQUEST['unit_id'])) { // update course unit $unit_id = $_REQUEST['unit_id']; Database::get()->query("UPDATE course_units SET\n title = ?s,\n comments = ?s\n WHERE id = ?d AND course_id = ?d", $title, $descr, $unit_id, $course_id); // tags if (isset($_POST['tags'])) { $tagsArray = explode(',', $_POST['tags']); $moduleTag = new ModuleElement($unit_id); $moduleTag->syncTags($tagsArray); } $successmsg = $langCourseUnitModified; } else { // add new course unit $order = $maxorder + 1; $q = Database::get()->query("INSERT INTO course_units SET\n title = ?s, comments = ?s, visible = 1,\n `order` = ?d, course_id = ?d", $title, $descr, $order, $course_id); $successmsg = $langCourseUnitAdded; $unit_id = $q->lastInsertID; // tags if (isset($_POST['tags'])) { $tagsArray = explode(',', $_POST['tags']); $moduleTag = new ModuleElement($unit_id); $moduleTag->attachTags($tagsArray); } } // update index require_once 'modules/search/indexer.class.php'; Indexer::queueAsync(Indexer::REQUEST_STORE, Indexer::RESOURCE_UNIT, $unit_id); Indexer::queueAsync(Indexer::REQUEST_STORE, Indexer::RESOURCE_COURSE, $course_id); // refresh course metadata require_once 'modules/course_metadata/CourseXML.php'; CourseXMLElement::refreshCourse($course_id, $course_code); Session::Messages($successmsg, 'alert-success'); redirect_to_home_page("modules/units/index.php?course={$course_code}&id={$unit_id}"); }
function add_assignment() { global $tool_content, $workPath, $course_id, $uid, $langTheField, $m, $course_code, $langFormErrors, $langNewAssignSuccess, $langScales; $v = new Valitron\Validator($_POST); $v->rule('required', array('title')); $v->rule('integer', array('group_submissions', 'assign_to_specific')); if (isset($_POST['max_grade'])) { $v->rule('required', array('max_grade')); $v->rule('numeric', array('max_grade')); $v->labels(array('max_grade' => "$langTheField $m[max_grade]")); } if (isset($_POST['scale'])) { $v->rule('required', array('scale')); $v->rule('numeric', array('scale')); $v->labels(array('scale' => "$langTheField $langScales")); } $v->labels(array('title' => "$langTheField $m[title]")); if($v->validate()) { $title = $_POST['title']; $desc = $_POST['desc']; $deadline = isset($_POST['WorkEnd']) && !empty($_POST['WorkEnd']) ? DateTime::createFromFormat('d-m-Y H:i', $_POST['WorkEnd'])->format('Y-m-d H:i:s') : NULL; $submission_type = $_POST['submission_type']; $late_submission = isset($_POST['late_submission']) ? 1 : 0; $group_submissions = $_POST['group_submissions']; if (isset($_POST['scale'])) { $max_grade = max_grade_from_scale($_POST['scale']); $grading_scale_id = $_POST['scale']; } else { $max_grade = $_POST['max_grade']; $grading_scale_id = 0; } $assign_to_specific = $_POST['assign_to_specific']; $assigned_to = filter_input(INPUT_POST, 'ingroup', FILTER_VALIDATE_INT, FILTER_REQUIRE_ARRAY); $auto_judge = isset($_POST['auto_judge']) ? filter_input(INPUT_POST, 'auto_judge', FILTER_VALIDATE_INT) : 0; $auto_judge_scenarios = isset($_POST['auto_judge_scenarios']) ? serialize($_POST['auto_judge_scenarios']) : ""; $lang = isset($_POST['lang']) ? filter_input(INPUT_POST, 'lang') : ''; $secret = uniqid(''); if ($assign_to_specific == 1 && empty($assigned_to)) { $assign_to_specific = 0; } if (@mkdir("$workPath/$secret", 0777) && @mkdir("$workPath/admin_files/$secret", 0777, true)) { $id = Database::get()->query("INSERT INTO assignment (course_id, title, description, deadline, late_submission, comments, submission_type, submission_date, secret_directory, group_submissions, max_grade, grading_scale_id, assign_to_specific, auto_judge, auto_judge_scenarios, lang) " . "VALUES (?d, ?s, ?s, ?t, ?d, ?s, ?d, ?t, ?s, ?d, ?f, ?d, ?d, ?d, ?s, ?s)", $course_id, $title, $desc, $deadline, $late_submission, '', $submission_type, date("Y-m-d H:i:s"), $secret, $group_submissions, $max_grade, $grading_scale_id, $assign_to_specific, $auto_judge, $auto_judge_scenarios, $lang)->lastInsertID; // tags if (isset($_POST['tags'])) { $tagsArray = explode(',', $_POST['tags']); $moduleTag = new ModuleElement($id); $moduleTag->attachTags($tagsArray); } $secret = work_secret($id); if ($id) { $student_name = trim(uid_to_name($user_id)); $local_name = !empty($student_name)? $student_name : uid_to_name($user_id, 'username'); $am = Database::get()->querySingle("SELECT am FROM user WHERE id = ?d", $uid)->am; if (!empty($am)) { $local_name .= $am; } $local_name = greek_to_latin($local_name); $local_name = replace_dangerous_char($local_name); if (!isset($_FILES) || !$_FILES['userfile']['size']) { $_FILES['userfile']['name'] = ''; $_FILES['userfile']['tmp_name'] = ''; } else { validateUploadedFile($_FILES['userfile']['name'], 2); if (preg_match('/\.(ade|adp|bas|bat|chm|cmd|com|cpl|crt|exe|hlp|hta|' . 'inf|ins|isp|jse|lnk|mdb|mde|msc|msi|msp|mst|pcd|pif|reg|scr|sct|shs|' . 'shb|url|vbe|vbs|wsc|wsf|wsh)$/', $_FILES['userfile']['name'])) { $tool_content .= "<p class=\"caution\">$langUnwantedFiletype: {$_FILES['userfile']['name']}<br />"; $tool_content .= "<a href=\"$_SERVER[SCRIPT_NAME]?course=$course_code&id=$id\">$langBack</a></p><br />"; return; } $ext = get_file_extension($_FILES['userfile']['name']); $filename = "$secret/$local_name" . (empty($ext) ? '' : '.' . $ext); if (move_uploaded_file($_FILES['userfile']['tmp_name'], "$workPath/admin_files/$filename")) { @chmod("$workPath/admin_files/$filename", 0644); $file_name = $_FILES['userfile']['name']; Database::get()->query("UPDATE assignment SET file_path = ?s, file_name = ?s WHERE id = ?d", $filename, $file_name, $id); } } if ($assign_to_specific && !empty($assigned_to)) { if ($group_submissions == 1) { $column = 'group_id'; $other_column = 'user_id'; } else { $column = 'user_id'; $other_column = 'group_id'; } foreach ($assigned_to as $assignee_id) { Database::get()->query("INSERT INTO assignment_to_specific ({$column}, {$other_column}, assignment_id) VALUES (?d, ?d, ?d)", $assignee_id, 0, $id); } } Log::record($course_id, MODULE_ID_ASSIGN, LOG_INSERT, array('id' => $id, 'title' => $title, 'description' => $desc, 'deadline' => $deadline, 'secret' => $secret, 'group' => $group_submissions)); Session::Messages($langNewAssignSuccess,'alert-success'); redirect_to_home_page("modules/work/index.php?course=$course_code"); } else { @rmdir("$workPath/$secret"); die('Error creating directories'); } } } else { Session::flashPost()->Messages($langFormErrors)->Errors($v->errors()); redirect_to_home_page("modules/work/index.php?course=$course_code&add=1"); } }